Falkirk Council admits breaching laws on keeping data secure

Jill Buchanan

Council chiefs have been rapped after it was discovered most of their staff didn’t know the rules about keeping peoples’ data safe.

Following a security breach in March, Falkirk Council was at the centre of a probe by the Information Commissioner’s Office (ICO).

It is understood the inquiry was launched after someone requested information about their child’s school record and was sent the details – along with those belonging to another pupil.

But when the ICO conducted its investigation, it discovered that only one in ten of the local authority’s employes has proper data protection training.

The council holds tens of thousands of pieces of personal information about the 150,000-plus people living within its boundaries, including bank details, criminal records and details of at risk children and vulnerable adults.

But it received a strong warning from the ICO after it was revealed only 11.4 per cent of council employees had completed one or more sections of the authority’s data protection training modules.

Ken Macdonald, assistant commissioner for Scotland said: “The security breach may have only involved one individual but, given the lack of training of council employees, it had the potential to happen again.

“I am therefore pleased that Falkirk Council has committed to improve staff training around data protection.”

Mary Pitcaithly, council chief executive, has now signed the undertaking saying the local authority is committed to ensuring personal data is processed in accordance with the Data Protection Act and that staff will be trained in how to ensure this happens.

However, Councillor Cecil Meiklejohn, leader of the SNP opposition, said she had been made aware of a further breach in relation to an Freedom of Information request made to housing services about neighbour complaints.

She said: “This is a major issue. People have the right to access personal information more and more but it needs to be treated in a very sensitive way.

“As an authority we should be doing everything to ensure these kind of mistakes don’t happen.”

A Falkirk Council spokesperson said: “We take our duties under the Data Protection Act seriously and have agreed a way forward with the Information Commissioner to improve our compliance.”